Phishing Fishing or Phishing? Definition Phishing: an attempt to - - PowerPoint PPT Presentation

phishing fishing or phishing definition
SMART_READER_LITE
LIVE PREVIEW

Phishing Fishing or Phishing? Definition Phishing: an attempt to - - PowerPoint PPT Presentation

Mar 31, 2023 318 likes •536 views

Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing sensitive information such as passwords, usernames, and credit card details for malicious reasons. Phishing can be in the form of emails, social

slide-1
SLIDE 1

Phishing

slide-2
SLIDE 2

Fishing or Phishing?

slide-3
SLIDE 3

Definition

  • Phishing: an attempt to trick victims into

sharing sensitive information such as passwords, usernames, and credit card details for malicious reasons.

  • Phishing can be in the form of emails, social

media messages, texts, or phone calls.

  • General phishing attempts are sent to a large

amount of people at the same time with the hope that someone will click on on a link and provide their personal information.

slide-4
SLIDE 4

Definition

  • Spear-phishing: An attempt to trick a

specific victim into sharing sensitive information.

  • Often appear to be from a legitimate sender
  • r someone familiar to the victim
  • Messages are modified to specifically

address a victim

  • Includes personal information about the

victim, usually obtained from social media

slide-5
SLIDE 5

Features of a Phishing Attack

  • Asks you to verify or update account

information, such as name, date of birth, mothers maiden name, security questions, credit card information, and password.

  • The tone gives a sense of urgency or

that you're in trouble. You have a limited time to respond.

  • There are spelling and grammar errors.
slide-6
SLIDE 6

Features of a Phishing Attack

  • What they’re saying sounds too good

to be true.

  • The greeting or closing is generic.

The greeting might say “Dear Valued Customer”

  • Links or attachments that lead you to

a login page or a online form where you will have to provide personal information.

slide-7
SLIDE 7

Examples of Phishing Attacks

slide-8
SLIDE 8

Due to a sytem error, you were double charged for your last Amazon

  • rder. A refund was initiated, but could not be completed due to an

error in your billing address. After your address has been updated and validated, you should receive your refund within 3 business days. You are required to update your valid address within 24 hours to receive your refund. Click her to update your DATA. Sincerely, amazon.com Spelling/grammar error Sense of urgency

Link that leads you to another page to enter personal information. Asking to verify or update information Generic closing

slide-9
SLIDE 9

Sense of urgency

Link that leads you to another page to enter personal information. Asking to verify or update information

slide-10
SLIDE 10

You have been sent this invitation because our records indicate you are currently a user whose account has not been activated. We are therefore sending you this email so that you can inform us whether you still want to use this account. If you are still interested in having this account, please update your DATA immediately because out system requires an account verification for the update. Click here to verify your account.

DATA

As part of our security measures, we regularly update all acounts on our database system. We are unable to update your email account and therefore will be cooling your email account to enable the web upgrade. Dear Gmail User, Sincerely, Gmail Member Services Team We appreciate your cooperation in this matter. Warning! Any account owner that refuses to update their account after receiving this email will lose their account permanently. To prevent an interruption with your Gmail services, please take a few moments to update your account by filling out the verification and update form immediately.

Spelling/grammar error Generic greeting Generic closing

Sense of urgency

Link that leads you to another page to enter personal information. Asking to verify or update information

slide-11
SLIDE 11

Sense of urgency

Link that leads you to another page to enter personal information. To good to be true

slide-12
SLIDE 12

Other Phishing Resources

  • Video: Phishing Scams in Plain

English

  • Scams and Schemes - Common

Sense Education

  • Better Business Bureau Scam Tips
  • Game: Phishing Scams - Avoid

the Bait

slide-13
SLIDE 13

URL Analysis

slide-14
SLIDE 14

URL Analysis

  • Most email or text message

phishing attacks start with a specially-crafted URL.

  • Even if an email or text doesn’t

have any of the phishing features, you can still get hooked!

slide-15
SLIDE 15

URL Analysis

  • Which URL do you think is the real

Facebook URL?

  • https://www.accounts.facebook.com/

verifylogin/user/

  • https://www.facebook.fblogin.com/home

  • If you read the URL #2 from left to right, like

English, then this URL appears legitimate.

  • This is the wrong way to read a URL.
slide-16
SLIDE 16

URL Analysis

  • The right way to read a URL is right to left.
  • FIRST, start on the right of the URL and

locate the Top Level Domain (.com)

  • The Domain name after the Top Level

Domain is the registered user of the website.

  • https://www.accounts.facebook.com/

verifylogin/user/

  • https://www.facebook.fblogin.com/home
slide-17
SLIDE 17

Analyze Phishy URL’s

slide-18
SLIDE 18
  • http://bankofthevvest.com
  • https://getsupport.apple.com/?caller=home&PRKEYS=
  • http://snapchat.verification.com
  • http://instagram.privacy-information.socialapp.com

Bad URL Bad URL Bad URL Good URL

slide-19
SLIDE 19

One More Example

slide-20
SLIDE 20

One More Example